Skip to content

Latest commit

 

History

History
138 lines (94 loc) · 7.26 KB

README.md

File metadata and controls

138 lines (94 loc) · 7.26 KB

Open DMARC Analyzer

Open DMARC Analyzer Screenshot

Open DMARC Analyzer is an Open Source DMARC Report Analyzer to be used with DMARC reports that have been parsed by Open Report Parser.

Open DMARC Analyzer was written because there didn't seem to be a full-featured self-hosted report analyzer that provided enough details to make heads or tails of a large volume of DMARC reports that come into medium to large-sized organizations. While other solutions required paid subscriptions or have part of it hosted on AWS, Open DMARC Analyzer will run on any webserver that supports PHP 7.4+ and MariaDB 10.5+.

Open DMARC Analyzer Version 1 is an Anomaly <Codebase> project by John Bradley ([email protected])

Minimum Requirements

  • Apache 2 or equivalent
  • PHP 5 (PHP 7+ required for phpWhois)
  • PHP PDO
  • MariaDB 10.5 (or equivalent) or PostgreSQL 13
  • A database that is pre-populated with data from Open Report Parser

Dependencies

One of the following 2 packages are required to be installed.

kevinoo/phpWhois

It is highly recommended that you install this package using composer. Instructions are found on the package's git page. This is required, and will replace most GeoIP data if you disable the MaxMind DB reader package. This package will require PHP 7 or newer.

PLEASE NOTE: if you are using the jsmitty12/phpWhois package, it does not support PHP 8 properly. Please remove it and use the newer kevinoo/phpWhois package.

MaxMind DB Reader PHP API

A note on this dependency - I've tried to write the one refrence to this external project as optional as possible, and it can almost completely be configured from config.php, due to the limitation of php namespace, I haven't come across a way that won't require you to dig deeper into the code if you happen to chose a compatible library to replace this MaxMind one. If you do wish to replace this library with another compatible one, the line in question is located in includes\functions.php:

$reader = new MaxMind\Db\Reader(GEO_DB);

It is highly recommended that you install this package using composer. Instructions are found on the package's git page.

You will also need the GeoLite2 database from MaxMind (or any other compatible DB). It can be obtained from here. Open DMARC Analyzer makes use of the GeoLite2 City database.

The MaxMind library is not distributed with this project, and is ultimately an optional feature to the project as a whole, unless you are using PHP 5.

Setting up Open DMARC Analyzer

Obtaining Open DMARC Analyzer through git is probably the easiest way, in addition to doing occasional pulls to get up-to-date versions.

git clone https://github.com/userjack6880/Open-DMARC-Analyzer.git

Optionally, a zip file of the latest release can be downloaded.

Once downloaded and installed in a desired directory, install either jsmitty12's phpWhois package or the MaxMind DB Reader package through composer. Rename config.php.pub to config.php and edit the configuration for your environment (see the next section on Configuration Options for details). Finally, run install.php to create the database view used by this software package.

install.php should remove itself and mysql.sql once complete. If permissions aren't given, install.php may not delete those files. It is recommended to manually delete these.

Configuration Options

Database Options

define('DB_HOST', 'localhost');
define('DB_USER', 'dmarc');
define('DB_PASS', 'password');
define('DB_NAME', 'dmarc');
define('DB_PORT', '3306'); // default port 3306, 5432 for pgsql
define('DB_TYPE', 'mysql'); // supported mysql and pgsql

Debug Settings

define('DEBUG', 1);

Not Currently Used

Template Settings

define('TEMPLATE','openda');

This will load the visual templated located templates/. Simply name the directory the template is located in. Do not use a trailing slash.

Package Loader

define('AUTO_LOADER','vendor/autoload.php');

Should not need to change this setting unless using a non-standard composer installation.

GeoIP2 Settings

define('GEO_ENABLE', 1);
define('GEO_DB', 'includes/geolite2.mmdb');

Allows you to select between jsmitty12's phpWhois package and the MaxMind DB Reader package. The default is to use the MaxMind DB Reader package, as it provides the most relevant data to the user. To fall back to the jsmitty12's phpWhois package, change the GEO_ENABLE option to 0.

The second option, GEO_DB is used in conjunction with the MaxMind DB Reader package. The path to the MaxMind GeoIP database is relative to the root of the software package.

Date Range

define('DATE_RANGE', '-1w');

Defines the standard starting date range for data presented. All pages where dates are relevant start at a certain point and end at the time the page is loaded. This option defines where that starting point is, and the increment by which that starting date is changed.

Valid date signifiers are m, w, and d for "month", "week", and "day".

Tested System Configurations

OS HTTP PHP SQL
Debian 11.6 Apache 2.4.56 8.2.5 MariaDB 10.5.18
Debian 11.6 Apache 2.4.56 8.2.5 PostgreSQL 13.9
Debian 11.6 Apache 2.4.56 7.4.33 MariaDB 10.5.18
Debian 11.6 Apache 2.4.56 7.4.33 PostgreSQL 13.9
CentOS 7.6.1810 Apache 2.4.6 5.4.16 MariaDB 5.5.65

If you have a system configuration not listed, and would like to contribue this data, please provide feedback.

Release Cycle and Versioning

At release, End of Support and End of Life will be determined based on what will be in the next version. Versioning is under the Anomaly Versioning Scheme (2022), as outlined in VERSIONING under docs.

Support

Support will be provided as outlined in the following schedule. For more details, see SUPPORT.

Version Released End of Support End of Life
Version 1 (Stable) 15 May 2023 15 May 2024 31 December 2024

Contributing

Public contributions are encouraged. Please review CONTRIBUTING under docs for contributing procedures. Additionally, please take a look at our CODE_OF_CONDUCT. By participating in this project you agree to abide by the Code of Conduct.

Contributors

Primary Contributors

  • John Bradley - Initial Work

Thanks to all who contributed and have given feedback.

Licenses and Copyrights

Copyright © 2023 John Bradley (userjack6880). Open DMARC Analyzer is released under GNU GPLv3. See LICENSE.